云记
CVE-2021-38154: Canon Devices – Authentication Bypass in Catwalk Server
漏洞标题 CVE-2021-38154: Canon Devices - Authentication Bypass in Catwalk Server 漏洞描述 Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-AD...
CVE-2019-17231: WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS
漏洞标题 CVE-2019-17231: WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS 漏洞描述 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress ha...
CVE-2021-27519: FUDForum 3.1.0 – Cross-Site Scripting
漏洞标题 CVE-2021-27519: FUDForum 3.1.0 - Cross-Site Scripting 漏洞描述 FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScr...
CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞
漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...
Astro Web Framework Cloudflare /_image 服务器端请求伪造漏洞(CVE-2025-58179)
漏洞标题 Astro Web Framework Cloudflare /_image 服务器端请求伪造漏洞(CVE-2025-58179) 漏洞描述 Astro 是一个用于内容驱动网站的网络框架。在11.0.3至12.6.5版本中,当使用Astro的Cloudfl...
CVE-2022-0422: WordPress White Label CMS <2.2.9 - Cross-Site Scripting
漏洞标题 CVE-2022-0422: WordPress White Label CMS <2.2.9 - Cross-Site Scripting 漏洞描述 WordPress White Label CMS plugin before 2.2.9 contains a reflected cross-site scripting ...
CVE-2022-2462: WordPress Transposh <=1.0.8.1 - Information Disclosure
漏洞标题 CVE-2022-2462: WordPress Transposh <=1.0.8.1 - Information Disclosure 漏洞描述 WordPress Transposh plugin through is susceptible to information disclosure via the AJAX ...
CVE-2010-2018: Lokomedia CMS – Local File Inclusion
漏洞标题 CVE-2010-2018: Lokomedia CMS - Local File Inclusion 漏洞描述 A Local File Inclusion (LFI) vulnerability exists in Lokomedia CMS. The application allows an attacker to incl...
CVE-2021-25003: WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution
漏洞标题 CVE-2021-25003: WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution 漏洞描述 WordPress WPCargo Track & Trace plugin before 6.9.0 is susceptible to re...
CVE-2021-24827: WordPress Asgaros Forum <1.15.13 - SQL Injection
漏洞标题 CVE-2021-24827: WordPress Asgaros Forum <1.15.13 - SQL Injection 漏洞描述 WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does...
CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload
漏洞标题 CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload 漏洞描述 WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload...
CVE-2018-1000226: Cobbler – Authentication Bypass
漏洞标题 CVE-2018-1000226: Cobbler - Authentication Bypass 漏洞描述 Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be ...
CVE-2014-1843: Titan FTP Server < 10.40 - User Properties Traversal
漏洞标题 CVE-2014-1843: Titan FTP Server < 10.40 - User Properties Traversal 漏洞描述 Titan FTP Server versions prior to 10.40 build 1829 contain a directory traversal vulnerabi...
CVE-2022-1574: WordPress HTML2WP <=1.0.0 - Arbitrary File Upload
漏洞标题 CVE-2022-1574: WordPress HTML2WP <=1.0.0 - Arbitrary File Upload 漏洞描述 WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The pl...
CVE-2024-55550: Mitel MiCollab – Arbitary File Read
漏洞标题 CVE-2024-55550: Mitel MiCollab - Arbitary File Read 漏洞描述 The Mitel Collab Arbitrary File Read vulnerability allows an unauthenticated attacker to read arbitrary files ...
CVE-2018-19365: Wowza Streaming Engine Manager 4.7.4.01 – Directory Traversal
漏洞标题 CVE-2018-19365: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal 漏洞描述 Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retr...
